2 matches found
CVE-2023-6684
The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ive' shortcode in versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on 'width' and 'height' user supplied attribute. This makes it possib...
CVE-2023-6684
CVE-2023-6684 affects the Ibtana – WordPress Website Builder plugin for WordPress (IVE shortcode). Reported vulnerability: Stored XSS via width/height attributes in the ive shortcode, due to insufficient input sanitization and output escaping. Affected versions: up to 1.2.2. Attack requires authe...